About
FAQ
Help
MapAnywhere Forensics
Anywhere Forensics by Thegrideon Software is a unique tool for SQL Anywhere database files access, analysis, review, export and recovery as well as database encryption key and user password recovery and user password replacement. It works with files directly without any external database engines and designed to provide access to all Tables / Rows saved in any SQL Anywhere database. Events, Procedures, Triggers and Views are displayed with SQL code syntax highlighting and "SET HIDDEN" de-obfuscation. SQL Anywhere versions 5, 6, 7, 8, 9, 10, 11, 12, 16 and the latest 17 are supported.
Anywhere Forensics Features:
- Direct read-only access to SQL Anywhere database:
- lists all database tables;
- shows schemas (columns names, types, sizes, defaults, etc);
- table viewer is available for preliminary analysis;
- table can be exported as XML or CSV files (bulk export is available);
- special non-ANSI encodings are supported;
- internal hex viewer is available for attached binary or large text blocks;
- binary and large data blocks can be extracted as well;
- SQL code viewer with syntax highlighting;
- SQL SET HIDDEN obfuscation decoding;
- All data pages are scanned for recoverable (deleted, lost) tables and records.
- Decrypts configuration files (with default dbfhide encryption only).
- Lists active database User accounts.
- User (DBA) password can be replaced instantly regardless of length or complexity.
- Several attacks can be queued for database key or any user password recovery:
- common brute-force and dictionary attacks with modifications and filtering options;
- advanced mixed attacks for precise search range setup;
- multi-position moves to cover modern password policies;
- simple modifications: add part(s) copy, replace chars, etc.
- typing errors, case switching, char substitutions;
- highly optimized code (SSE, AVX, AVX-512, AES-NI) guarantees fastest performance;
- supports up to 64 simultaneous processing threads (multi-Core, multi-CPU);
- audio, script or web address based post-search notification;
- Simple and Strong (AES, AES-FIPS) encryption methods are supported.
- SQL Anywhere versions 5 - 17 are supported.
- Windows 7 - Windows 11.
Program Screenshots:
Data Access, Analysis, Review, Export and RecoveryAnywhere Forensics is designed to provide full direct access to all Tables / Records saved in SQL Anywhere database (.db). It works with files directly without any database engines. Data is not changed in any way in contrast to usual DB access methods. It is the first tool to offer low-level data access to SQL Anywhere files.ASA database tables can be previewed for preliminary analysis and / or exported as RFC 4180 compliant CSV file or as XML with XSD schema to be used in MS Access, Excel, SQL Server, etc. Attached binary and text blocks of data can be previewed in internal Hex viewer or extracted for further analysis. Events, Functions, Procedures, Triggers and Views are available for review with syntax highlighting and automatic SET HIDING obfuscation decoding.Anywhere Forensics also searches and recovers old records / discarded data pages with old or deleted data. It is not a repair tool, but direct database records access allows data recovery from irreparable files in many cases.
Password Replacement:Password verification values for any user can be replaced instantly in order to regain access to any database. Old verification values can be saved and restored to gain temporary access if permanent password replacement is not an option (it is software or hardware hardcoded for example).Database login_procedure and post_login_procedure options can be cleared as well to bypass misconfigured login related functions used to check expiration, complexity, environment, etc.
Encryption Key / Password Recovery:
For AES encryption key recovery and user password recovery Anywhere Forensics allows you to queue several attacks for precise search range setup including advanced mixed attacks (combination of dictionary, sequential and fixed parts). You can set any search pattern from independent parts with virtually endless number of combinations.
The following tables are based on several tests with the common laptop, workstation and tablet CPUs:
| DB Key Recovery |
| Instructions Set: |
|---|
| AES 128 keys/s: |
| AES 256 keys/s: |
| Intel® Core™2 Duo T7500 @ 2.20GHz |
Intel® Core™ i3 2100 @ 3.10GHz |
Intel® Atom™ Z3740 @ 1.33GHz |
Intel® Core™ i3 4130 @ 3.40GHz |
|---|---|---|---|
| SSE2 | AVX | AES-NI | AES-NI |
| 4.5 millions | 9 millions | 9.5 millions | 23 millions |
| 2.5 millions | 6 millions | 6.5 millions | 18 millions |
| User Password Recovery |
| Instructions Set: |
|---|
| Ver: 5-9 pass/s: |
| V: 10-17 pass/s: |
| Intel® Core™2 Duo T7500 @ 2.20GHz |
Intel® Atom™ Z3740 @ 1.33GHz |
Intel® Core™ i3 2100 @ 3.10GHz |
Intel® Core™ i3 4130 @ 3.40GHz |
|---|---|---|---|
| SSE2 | SSE2 | AVX | AVX2 |
| 6.5 millions | 5 millions | 14 millions | 17 millions |
| 7 millions | 8 millions | 14 millions | 23 millions |
Trial version is available to check format compatibility. It allows you to preview odd rows from any table. Export is enabled for tables "SYS..." and "ISYS...". Attached data (binary, vartext, etc.) cannot be saved. Password replacement feature is disabled. Password search test runs are 15 min limited.
All trademarks are the property of their respective holders.